Total
8221 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27929 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-01-29 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory. | ||||
| CVE-2023-30084 | 1 Libming | 1 Libming | 2025-01-29 | 5.5 Medium |
| An issue found in libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the stackVal function in util/decompile.c. | ||||
| CVE-2023-27949 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-01-29 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | ||||
| CVE-2023-27946 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-01-29 | 7.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | ||||
| CVE-2022-48236 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 4.4 Medium |
| In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2022-39089 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 4.4 Medium |
| In mlog service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2023-29460 | 1 Rockwellautomation | 1 Arena | 2025-01-28 | 7.8 High |
| An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of confidentiality, integrity, and availability. | ||||
| CVE-2023-29461 | 1 Rockwellautomation | 1 Arena | 2025-01-28 | 7.8 High |
| An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentially resulting in a complete loss of confidentiality, integrity, and availability. | ||||
| CVE-2022-47334 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 4.4 Medium |
| In phasecheck server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2023-30985 | 1 Siemens | 1 Solid Edge Se2023 | 2025-01-28 | 3.3 Low |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19426) | ||||
| CVE-2021-46794 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | 7.5 High |
| Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service. | ||||
| CVE-2021-46749 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | 7.5 High |
| Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service. | ||||
| CVE-2021-26365 | 1 Amd | 108 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 105 more | 2025-01-28 | 8.2 High |
| Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents. | ||||
| CVE-2022-30339 | 1 Intel | 1 Integrated Sensor Solution | 2025-01-27 | 6 Medium |
| Out-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2022-30531 | 2 Intel, Microsoft | 2 Iris Xe Max Dedicated Graphics, Windows | 2025-01-27 | 4.4 Medium |
| Out-of-bounds read in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1474 may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2022-34346 | 1 Intel | 1 Media Software Development Kit | 2025-01-27 | 4.8 Medium |
| Out-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-34864 | 1 Intel | 1 Trace Analyzer And Collector | 2025-01-27 | 4.2 Medium |
| Out-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-46765 | 1 Amd | 88 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 85 more | 2025-01-27 | 7.5 High |
| Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service. | ||||
| CVE-2022-35729 | 2 Intel, Openbmc-project | 58 C621a, C624a, C627a and 55 more | 2025-01-27 | 7.5 High |
| Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2023-23909 | 1 Intel | 2 Oneapi Hpc Toolkit, Trace Analyzer And Collector | 2025-01-27 | 2.8 Low |
| Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access. | ||||